4 matches found
CVE-2024-45317
A Server-Side Request Forgery SSRF vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address...
CVE-2024-45317
CVE-2024-45317 is an SSRF vulnerability in SonicWall SMA1000 appliances (firmware 12.4.3-02676 and earlier). The server-side application can be compelled by a remote, unauthenticated attacker to issue requests to unintended IPs. The public sources describe the issue, its impact and that SonicWall...
CVE-2024-24806
A server-side request forgery SSRF flaw was found in the libuv package due to how the hostnameascii variable is handled in uvgetaddrinfo and uvidnatoascii. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result, attackers may be able to access...
libuv Code Issues Vulnerabilities
libuv is a cross-platform asynchronous IO library for nodejs. The platform is used to abstract IOCP for Windows and libev for Unix. currently supported features are non-blocking; TCP sockets; non-blocking named pipes; UDP; timers; child process generation; implementation of asynchronous DNS;...